vulnerability
CentOS Linux: CVE-2018-1106: Moderate: PackageKit security update (CESA-2018:1224)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:P/A:N) | 2018-04-23 | 2018-06-01 | 2023-05-25 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
2018-04-23
Added
2018-06-01
Modified
2023-05-25
Description
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
Solution(s)
centos-upgrade-packagekitcentos-upgrade-packagekit-command-not-foundcentos-upgrade-packagekit-croncentos-upgrade-packagekit-debuginfocentos-upgrade-packagekit-glibcentos-upgrade-packagekit-glib-develcentos-upgrade-packagekit-gstreamer-plugincentos-upgrade-packagekit-gtk3-modulecentos-upgrade-packagekit-yumcentos-upgrade-packagekit-yum-plugin
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.